[PR #4870] [MERGED] profiles: enable deterministic shutdown for ssh #5277

New issue

Closed

opened 2026-05-05 10:35:31 -06:00 by gitea-mirror · 0 comments

gitea-mirror commented

2026-05-05 10:35:31 -06:00

Owner

📋 Pull Request Information

Original PR: https://github.com/netblue30/firejail/pull/4870
Author: @reinerh
Created: 1/19/2022
Status: ✅ Merged
Merged: 1/20/2022
Merged by: @reinerh

Base: master ← Head: ssh_shutdown

📝 Commits (1)

730a84e profiles: enable deterministic shutdown for ssh

📊 Changes

1 file changed (+1 additions, -0 deletions)

View changed files

📝 etc/profile-m-z/ssh.profile (+1 -0)

📄 Description

ssh can start in master mode, which will spawn an additional long
running process, which keeps connections to a server open, so that
it can be reused by later connection attempts.

But the lingering master process will prevent the jail from shutting
down, when firejail ssh tries to exit.
This breaks for example ansible when using a firejailed ssh, as it
calls ssh with ControlMaster flags.

deterministic-shutdown will kill the other process when the parent
exits.

does anyone see something negative with enabling this flag?

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/netblue30/firejail/pull/4870 **Author:** [@reinerh](https://github.com/reinerh) **Created:** 1/19/2022 **Status:** ✅ Merged **Merged:** 1/20/2022 **Merged by:** [@reinerh](https://github.com/reinerh) **Base:** `master` ← **Head:** `ssh_shutdown` --- ### 📝 Commits (1) - [`730a84e`](https://github.com/netblue30/firejail/commit/730a84e6233a58b32a3efafb70d1210068826857) profiles: enable deterministic shutdown for ssh ### 📊 Changes **1 file changed** (+1 additions, -0 deletions) <details> <summary>View changed files</summary> 📝 `etc/profile-m-z/ssh.profile` (+1 -0) </details> ### 📄 Description ssh can start in master mode, which will spawn an additional long running process, which keeps connections to a server open, so that it can be reused by later connection attempts. But the lingering master process will prevent the jail from shutting down, when `firejail ssh` tries to exit. This breaks for example ansible when using a firejailed ssh, as it calls ssh with ControlMaster flags. deterministic-shutdown will kill the other process when the parent exits. --- does anyone see something negative with enabling this flag? --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

gitea-mirror

2026-05-05 10:35:31 -06:00

closed this issue
added the
pull-request
label

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#5277

No description provided.

Rows
Columns